I am seeing this error:
helm_chart.api: error installing: Post https://35.192.46.211/apis/extensions/v1beta1/namespaces/kube-system/deployments: x509: certificate signed by unknown authority
This is my configuration:
provider "helm" {
kubernetes {
host = "${module.kubernetes-cluster.host}"
username = "${module.kubernetes-cluster.username}"
password = "${module.kubernetes-cluster.password}"
client_certificate = "${base64decode(module.kubernetes-cluster.client_certificate)}"
client_key = "${base64decode(module.kubernetes-cluster.client_key)}"
cluster_ca_certificate = "${module.kubernetes-cluster.cluster_certificate_file}"
}
}
resource "helm_repository" "incubator" {
name = "incubator"
url = "https://kubernetes-charts-incubator.storage.googleapis.com"
}
What am I missing @mcuadros ?
Looks like you are not decoding the cluster_certificate_file, this is an example using the Helm provider in a similar setup:
provider "helm" {
kubernetes {
host = "${module.k8s_cluster.endpoint}"
cluster_ca_certificate = "${module.k8s_cluster.cluster_ca_certificate}"
client_certificate = "${module.k8s_cluster.client_certificate}"
client_key = "${module.k8s_cluster.client_key}"
}
k8s_cluster modules:
output "cluster_ca_certificate" {
description = "Public certificate that is the root of trust for the cluster"
value = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}"
}
output "client_key" {
description = "Private key used by clients to authenticate to the cluster endpoint"
value = "${base64decode(google_container_cluster.primary.master_auth.0.client_key)}"
}
output "client_certificate" {
description = "Public certificate used by clients to authenticate to the cluster endpoint"
value = "${base64decode(google_container_cluster.primary.master_auth.0.client_certificate)}"
}
If doesn't work please re-open the issue.
I fixed using
gcloud container clusters get-credentials cluster-name
Most helpful comment
Looks like you are not decoding the
cluster_certificate_file, this is an example using the Helm provider in a similar setup:k8s_clustermodules:If doesn't work please re-open the issue.